Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d61275-e00a-4bfb-be8a-16b36d0801e9/1/zydobAI7h9aiyTU0qtr7bW5f5d0.roa
File: zydobAI7h9aiyTU0qtr7bW5f5d0.roa (raw, json)
Hash identifier: 8xksMd2J2lh30iuBLQICsw1Hdj2/HCRsJkyJOIkML0E=
Subject key identifier: CF:27:68:6C:02:3B:87:D6:A2:C9:35:34:AA:DA:FB:6D:6E:5F:E5:DD
Certificate issuer: /CN=3816e19b24a7e8cff189fabac28852cd8748a380
Certificate serial: 018CC7949BAD08E90B46D9A0A588EAD18494
Authority key identifier: 38:16:E1:9B:24:A7:E8:CF:F1:89:FA:BA:C2:88:52:CD:87:48:A3:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBbhmySn6M_xifq6wohSzYdIo4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d61275-e00a-4bfb-be8a-16b36d0801e9/1/zydobAI7h9aiyTU0qtr7bW5f5d0.roa
Signing time: Tue 02 Jan 2024 00:30:54 +0000
ROA not before: Tue 02 Jan 2024 00:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199826
IP address blocks: 185.33.47.0/24 maxlen: 24
185.33.45.0/24 maxlen: 24
185.33.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:9b:ad:08:e9:0b:46:d9:a0:a5:88:ea:d1:84:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3816e19b24a7e8cff189fabac28852cd8748a380
Validity
Not Before: Jan 2 00:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf27686c023b87d6a2c93534aadafb6d6e5fe5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:60:44:0c:1b:d3:03:c0:f6:59:3a:cc:4f:00:
86:ee:d1:dd:f2:d3:68:90:76:16:33:ff:6a:fc:00:
53:cd:b0:aa:1d:8d:c5:37:c5:14:98:f1:f2:e1:d9:
ca:01:bb:7f:33:a2:9d:76:06:d5:b4:e6:69:07:8b:
53:51:4a:86:27:47:ff:35:d8:e1:a4:6b:2e:e7:a3:
4f:94:78:05:6e:02:7f:59:34:7b:bf:a8:b3:21:71:
19:01:98:4f:88:8e:52:a5:0b:08:ea:44:2a:cf:5c:
bb:9d:ce:eb:c3:e2:85:89:7e:6a:f8:25:e4:8e:ac:
53:ae:e0:00:69:5e:5a:b3:63:3c:81:fb:20:5f:8a:
3b:7b:1c:84:2f:c7:36:16:fe:fe:1e:6b:d2:0c:f4:
0d:13:54:25:27:d1:3e:1d:b6:a8:0a:17:50:fe:c2:
cc:a4:d6:c0:91:d1:cd:aa:cf:f0:fc:4a:83:48:5f:
92:95:42:bd:74:2a:03:28:34:34:3d:67:74:87:86:
29:ce:16:1d:14:b9:3f:f1:02:40:61:1b:1e:50:a8:
fc:92:70:ea:86:c9:54:16:73:58:58:8c:80:50:f6:
0b:78:58:c6:c9:d7:a5:ed:3c:db:7f:c6:8f:ef:d6:
08:6d:ad:8a:f8:21:3c:97:04:d2:4b:ea:39:e4:41:
21:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:27:68:6C:02:3B:87:D6:A2:C9:35:34:AA:DA:FB:6D:6E:5F:E5:DD
X509v3 Authority Key Identifier:
keyid:38:16:E1:9B:24:A7:E8:CF:F1:89:FA:BA:C2:88:52:CD:87:48:A3:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBbhmySn6M_xifq6wohSzYdIo4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d61275-e00a-4bfb-be8a-16b36d0801e9/1/zydobAI7h9aiyTU0qtr7bW5f5d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d61275-e00a-4bfb-be8a-16b36d0801e9/1/OBbhmySn6M_xifq6wohSzYdIo4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.45.0-185.33.47.255
Signature Algorithm: sha256WithRSAEncryption
85:b7:46:d7:3f:27:91:f1:7e:d8:9a:7d:58:d9:1e:79:ea:94:
2c:f8:a4:54:bd:8b:6f:17:73:9b:c2:e4:c3:25:15:cb:9b:f9:
88:44:15:6b:82:b3:97:df:2b:fd:66:51:07:6c:93:e2:9c:2f:
59:35:25:61:70:e6:7a:d6:85:c3:aa:9d:98:26:9d:bb:ec:39:
cb:be:f2:78:2b:5e:70:e1:2a:aa:c4:3b:7d:80:f6:3f:d9:d8:
b6:d3:d4:71:90:53:81:9e:e3:6c:1e:d0:b7:d9:48:5d:40:94:
c5:d2:2c:15:f3:ec:14:13:b4:ee:48:4d:eb:86:1b:fd:46:10:
5e:db:78:3c:97:e9:d6:61:d2:52:07:e1:b1:19:35:8b:8c:d3:
d7:78:57:ec:fe:0c:03:e3:93:1a:ee:72:f2:83:d8:d3:83:4c:
4e:c1:b1:4e:c8:b1:b4:d0:dc:ed:f1:0c:a9:7f:de:46:08:67:
e2:7a:52:bd:98:70:37:85:fe:82:d2:2b:16:92:6c:d6:15:71:
ce:a9:72:bf:52:09:d3:3a:53:2f:bd:db:ee:ec:53:07:0f:46:
8f:09:6e:02:b6:28:d8:44:b8:57:62:80:e0:15:76:55:20:6e:
87:8f:e9:cb:0a:2e:92:eb:c3:75:d3:4b:c3:61:b8:a8:b3:c2:
12:94:32:b2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlJutCOkLRtmgpYjq0YSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTZlMTliMjRhN2U4Y2ZmMTg5ZmFiYWMyODg1MmNkODc0
OGEzODAwHhcNMjQwMTAyMDAzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI3Njg2YzAyM2I4N2Q2YTJjOTM1MzRhYWRhZmI2ZDZlNWZlNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmBEDBvTA8D2WTrMTwCG7tHd8tNo
kHYWM/9q/ABTzbCqHY3FN8UUmPHy4dnKAbt/M6KddgbVtOZpB4tTUUqGJ0f/Ndjh
pGsu56NPlHgFbgJ/WTR7v6izIXEZAZhPiI5SpQsI6kQqz1y7nc7rw+KFiX5q+CXk
jqxTruAAaV5as2M8gfsgX4o7exyEL8c2Fv7+HmvSDPQNE1QlJ9E+HbaoChdQ/sLM
pNbAkdHNqs/w/EqDSF+SlUK9dCoDKDQ0PWd0h4YpzhYdFLk/8QJAYRseUKj8knDq
hslUFnNYWIyAUPYLeFjGydel7Tzbf8aP79YIba2K+CE8lwTSS+o55EEhRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFM8naGwCO4fWosk1NKra+21uX+XdMB8GA1UdIwQY
MBaAFDgW4Zskp+jP8Yn6usKIUs2HSKOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JiaG15U242TV94aWZxNndvaFN6WWRJbzRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kNjEyNzUtZTAwYS00YmZiLWJlOGEt
MTZiMzZkMDgwMWU5LzEvenlkb2JBSTdoOWFpeVRVMHF0cjdiVzVmNWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kNjEyNzUtZTAwYS00YmZiLWJlOGEtMTZiMzZkMDgwMWU5
LzEvT0JiaG15U242TV94aWZxNndvaFN6WWRJbzRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5IS0D
BAS5ISAwDQYJKoZIhvcNAQELBQADggEBAIW3Rtc/J5HxftiafVjZHnnqlCz4pFS9
i28Xc5vC5MMlFcub+YhEFWuCs5ffK/1mUQdsk+KcL1k1JWFw5nrWhcOqnZgmnbvs
Ocu+8ngrXnDhKqrEO32A9j/Z2LbT1HGQU4Ge42we0LfZSF1AlMXSLBXz7BQTtO5I
TeuGG/1GEF7beDyX6dZh0lIH4bEZNYuM09d4V+z+DAPjkxrucvKD2NODTE7BsU7I
sbTQ3O3xDKl/3kYIZ+J6Ur2YcDeF/oLSKxaSbNYVcc6pcr9SCdM6Uy+92+7sUwcP
Ro8JbgK2KNhEuFdigOAVdlUgboeP6csKLpLrw3XTS8NhuKizwhKUMrI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:54:54 2025 by rpki-client